IT administrators across the world are facing the task of integrating both company and privately owned smartphones & tablet PCs into their network environments as seamlessly as possible. At the same time, the required degree of protection for all company-related data must be maintained. This talk will shed
some light on those questions and will help network administrators as well as service providers focus on the task in hand and make an informed decision.
---
Tim Berghoff is Technical Sales Consultant at G DATA
---
Find more about the G DATA Security Summit #GDATA30Y at https://www.gdatasoftware.com/30ysummit
3. A FEW THOUGHTS FOR STARTERS
Why do we need MDM to begin with?
We have mobile devices
Mobile devices can be used productively (somewhat)
Company data might be stored and processed on them
Mobile devices can access to company networks
People do strange things with their devices
G DATA | 30Y ANNIVERSARY SECURITY SUMMIT | BOCHUM, SEPTEMBER 24, 2015 3
4. THE HARD QUESTIONS FIRST…
Management Decisions:
Do we allow mobile devices at all?
Do we issue devices or go BYOD?
Cost considerations (cheaper vs. more secure)
„IT is a cost center, not a profit driver…
Do we accept the risks (Loss / Theft / Malware / …)?
…also, we have never been hacked before.“
G DATA | 30Y ANNIVERSARY SECURITY SUMMIT | BOCHUM, SEPTEMBER 24, 2015 4
5. WHAT TO CONSIDER: INFRASTRUCTURE & PROCEDURES
Changes required to existing infrastructure?
Enough IP address space?
Consider traffic
Procedures for rooted devices
Prevent use / installation of malicious apps
G DATA | 30Y ANNIVERSARY SECURITY SUMMIT | BOCHUM, SEPTEMBER 24, 2015 5
Image: cyberkey.in
6. MOBILE MALWARE
G DATA | 30Y ANNIVERSARY SECURITY SUMMIT | BOCHUM, SEPTEMBER 24, 2015 6
7. WHAT TO CONSIDER: „WHAT IF…?“
Emergency plans for theft/loss
Remote wiping
Geolocation
Make encryption mandatory
G DATA | 30Y ANNIVERSARY SECURITY SUMMIT | BOCHUM, SEPTEMBER 24, 2015 7
8. Gather information about legal requirements/restrictions
Different legal situations in different countries / in between states
Watch out for Privacy regulations
(e.g. Germany requires expressed consent from user for Geolocation)
G DATA | 30Y ANNIVERSARY SECURITY SUMMIT | BOCHUM, SEPTEMBER 24, 2015 8
§§
9. Inform users:
Certain functions may delete private data if required (in case of theft/loss)
Device location can be tracked
Restrictions are in place for Wifi access
Rules for app usage are in effect (where applicable)
G DATA | 30Y ANNIVERSARY SECURITY SUMMIT | BOCHUM, SEPTEMBER 24, 2015 9
10. G DATA | 30Y ANNIVERSARY SECURITY SUMMIT | BOCHUM, SEPTEMBER 24, 2015 10
… THANK YOU!